tribes/guix-tribes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable Common Name for IP ACME certificates

Browse Source
This commit is contained in:
Steffen
2026-04-02 12:57:26 +02:00
parent 24cb6694d0
commit 2d058986e1
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
tribes/services/lego.scm
View File

@@ -86,6 +86,14 @@
(string-append "IP:" subject) (string-append "IP:" subject)
(string-append "DNS:" subject))) (string-append "DNS:" subject)))
(define (ip-subject? subject)
(and (not (string-any char-alphabetic? subject))
(string-any (lambda (chr)
(or (char-numeric? chr)
(char=? chr #\.)
(char=? chr #\:)))
subject)))
(define (certificate-key-name certificate) (define (certificate-key-name certificate)
(string-map (lambda (chr) (string-map (lambda (chr)
(if (char=? chr #\*) (if (char=? chr #\*)
@@ -121,6 +129,9 @@
(if server (if server
(list "--server" server) (list "--server" server)
'()) '())
(if (any ip-subject? subjects)
(list "--disable-cn")
'())
(list "--key-type" key-type) (list "--key-type" key-type)
(append-map (lambda (subject) (append-map (lambda (subject)
(list "-d" subject)) (list "-d" subject))